| In the information society,random computer technology and network information technology continue to develop rapidly.Various physical businesses have started to emerge on the Internet,such as e-commerce,mobile payment,online banking,cloud storage,big data and various private networks Construction and so on,which have brought great convenience to people's production and living.But at the same time,people are constantly facing the threats posed by network security risks while enjoying the conveniences brought by the Internet.For example,people lack the awareness of cybersecurity and use computers and networks improperly.At the same time,the invaders just make use of this kind of improperly attacking and destroying the networks of individuals or enterprises or even government departments,causing individuals,enterprises and even government departments Important information disclosure or property damage and other serious consequences.In the current computer networks and distributed systems,more than half of the network security threats,mostly from a more traditional way of network attacks-buffer overflow attack.In the buffer overflow attack,the most dangerous is the stack overflow attack,because the intruder by a stack of programs for overflow attacks,the intruder can cause the function to return to the value is overwritten,so that the function returns to change the program returns Address,let it jump to the address specified by the intruder.This use of buffer overflow attacks can have many serious consequences,one is to cause the program to crash,refused to the server,and second,the program will jump to the address specified by the intruder,and the implementation of a malicious code,resulting in server failure,the third is the invasion by buffer overflow attacks,get the server's root privileges,and thus modify the server-related parameters.In this paper,GCC compiler and Clang compiler under Linux system,as well as Microsoft's latest security technology-MPX as the research object,analyze the principle of buffer overflow attacks and the corresponding security protection mechanism.In different versions of Linux system,through the preparation of test cases,the use of different compiler compiler test cases,loading a variety of security options by comparing the test case did not add security compiler options and add options before and after the test routine binary In contrast to disassembly,verify that the secure build options of the GCC compiler,Clang compiler,and MPX protect test cases and examine the impact of options on test cases when options are added.The innovation of this dissertation lies in the following aspects:Firstly,MPX technology is applied to Linux system,and the test case is used to verify the test.By examining the disassembly and binary system,this paper studies how the MPX security compiler option protects the program under Linux system. |
PDF Full Text Request